[guardian-dev] Format of exported subkeys from gnupg
Werner Koch
wk at gnupg.org
Fri Jul 20 09:29:54 CEST 2012
On Fri, 20 Jul 2012 00:20, tom at ritter.vg said:
> outputs. http://tools.ietf.org/html/rfc4880#section-5.5.3 Fortunetly,
> it's much easier than working with S-Expressions (IMO at least.)
Hans worked on GnuPG 2.1 which has an easy way to access the secret key
parameters.
$ gpg2 -K --with-keygrip CD8687F6
sec 1024D/CD8687F6 2006-01-17
Keygrip = 21EB68B1FFA01EF777E2D0B1A92A2276D82C2F1C
uid Heinrich Heine <heinrichh at duesseldorf.de>
ssb 1024g/4ECFEF6F 2006-01-17
Keygrip = 654EFA6F19DF08ABFEB88092BC4867D4C5A95460
If you want to script that you should add --with-colons and a grep for
"^grp:". Now with the keygrip you can locate the secret key:
$ ls ~/.gnupg/private-keys-v1.d/654EFA6F19DF08ABFEB88092BC4867D4C5A95460.key
Now if you have not set a passphrase (check out "gpg2 --passwd") you may
use gpg-protect-tool to convert the S-expression into the advanced
format:
$ /us[...]/libexec/gpg-protect-tool ~/.gnu[...]67D4C5A95460.key
(private-key
(elg
(p #00A6B1DAED[...]#)
(g #05#)
(y #00BC5B46C0[...]#)
(x #03C544C345[...]#)
)
)
Libgcrypt has a parser for it. You should find example code to extract
stuff in libgcrypt/tests/.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list